John Podesta’s Ignorance To Blame For Triggering Email Hack?

After receiving a phishing email claiming that Google said “Podesta needed to change his password on gmail,” a Podesta aide asked Clinton Campaign aide Charles Delavan whether or not the email was real and legitimate.

What followed may go down as the easiest hack and biggest mistake of Delavan’s career that arguably played a significant role in Hillary Clinton losing the election.

Delavan replied to Podesta and said that it was indeed a “legitimate” email, prompting Podesta to immediately change his password. However, Delavan told the New York Times that he meant to write “illegitimate” instead. Oops.

“This is a legitimate email. John needs to change his password immediately, and ensure that two-factor authentication is turned on his account,” replied Delavan.

The email was then forwarded to Podesta’s special assistant Milia Fisher, asking her to help Podesta update his password.

“Does Podesta have the 2 step verification or do we need to do with him on the phone? Don’t want to lock him out of his in box!” Fisher asked.

“Delavan told the Times he had intended to type ‘illegitimate,’ a typo he still has not forgiven himself for making,” The Hill reported. “The email was a phishing scam that ultimately revealed Podesta’s password to hackers. Soon after, WikiLeaks began releasing 10 years of his emails.”

Delavan also added that “he meant to prompt Podesta to change his Google password on the gmail.com website, instead of through the fraudulent email but he never did.”

The security firm SecureWorks identified a Bit.ly account and WikiLeaks-released Podesta email that they said appeared to have been used in a phishing attack on Podesta’s gmail account.

SecureWorks found the Bit.ly account being used by hackers contained several links to phishing sites with their victim’s information encoded into the url.

It is not known whether it was Podesta or Fisher who clicked on the phishing email.